In A Surprising Decision, European Court Of Human Rights Says Sweden's Mass Surveillance Is Fine

from the but-top-EU-court's-views-may-matter-more dept

In the wake of Snowden's revelations of the scale of mass surveillance around the world, various cases have been brought before the courts in an attempt to stop or at least limit this activity. One involved Sweden's use of bulk interception for gathering foreign intelligence. A public interest law firm filed a complaint at the European Court of Human Rights (ECtHR). It alleged that governmental spying breached its privacy rights under Article 8 of the European Convention on Human Rights (pdf). The complaint said that the system of secret surveillance potentially affected all users of the Internet and mobile phones in Sweden, and pointed out that there was no system for citizens to use if they suspected their communications had been intercepted. The ECtHR has just ruled that "although there were some areas for improvement, overall the Swedish system of bulk interception provided adequate and sufficient guarantees against arbitrariness and the risk of abuse":

In particular, the scope of the signals intelligence measures and the treatment of intercepted data were clearly defined in law, permission for interception had to be by court order after a detailed examination, it was only permitted for communications crossing the Swedish border and not within Sweden itself, it could only be for a maximum of six months, and any renewal required a review. Furthermore, there were several independent bodies, in particular an inspectorate, tasked with the supervision and review of the system. Lastly, the lack of notification of surveillance measures was compensated for by the fact that there were a number of complaint mechanisms available, in particular via the inspectorate, the Parliamentary Ombudsmen and the Chancellor of Justice.

When coming to that conclusion, the Court took into account the State's discretionary powers in protecting national security, especially given the present-day threats of global terrorism and serious cross-border crime.

It might have been too much to expect bulk intercept ruled out in principle, but it is surprising to see a retreat from existing standards on safeguards.

McIntyre played a leading role in one of the key cases brought against mass surveillance, by Digital Rights Ireland in 2014. It resulted in the EU's top court, the Court of Justice of the European Union (CJEU), ruling the EU's Data Retention Directive was "invalid". As McIntyre notes, the detailed ECtHR analysis mentions the CJEU decision, but not the more recent ruling by the latter that struck down the "Safe Harbor" framework because of mass surveillance by the NSA.

The judgment significantly waters down safeguards previously developed by the ECtHR in relation to notification and possibility of a remedy against unlawful surveillance.

For example, McIntyre points out the ECtHR accepted that it is necessary for the Swedish signals intelligence service to store raw material before it can be manually processed:

Remarkably weak controls on storage and downstream use of intercept material were accepted by the ECtHR -- in particular, it was satisfied with retention of bulk intercept "raw material" for one year!

Something of a setback in terms of limiting mass surveillance, the latest judgment goes against the general trend of decisions by the arguably more important CJEU court. In 2014 the latter effectively ruled that its own decisions should take precedence over those of the ECtHR if they came into conflict. That is now more likely, given the CJEU's hardening position against mass surveillance, and the diverging judgment from the ECtHR, which shows some softening.

Re:

Present-day threats

given the present-day threats of global terrorism and serious cross-border crime.

Reminder: Crime rates have been dropping for decades, and for the most part we're safer than ever before. That includes terrorism. The IRA used to do frequent bombings, and air hijackings were much more common. The numbers decreased before our modern paranoia took over.

Surprising?

Really TD? If this is surprising it only further adds to the growing pile of evidence that TD is just flat out of touch!

Total surveillance is coming like it or not. TD is a strong advocate of regulations in general and will be used as the moment to bring as many nations and people under a global surveillance state. When it is all said and done, the only thing left will be TD whining about how hard it was to predict this outcome and how all we needed to fix it is "government harder".

None of this is a surprise... it is more like "prophetic" especially considering 1984.

Re: Surprising?

Re: Surprising?

TD is a strong advocate of regulations in general and will be used as the moment to bring as many nations and people under a global surveillance state.

Hi troll. I asked you to stop lying about us on this point earlier this week and you disappeared and never responded. As happened last week. And the week before.

So, let's try again: point to a single example where we are "a strong advocate for regulations in general."

Go ahead.

I'll wait.

You can't, because we don't. We are generally against regulations, pointing out that they usually are poorly thought out and fail. There is one case where we agree with a very limited set of rules -- around net neutrality -- and because of that you continues to misrepresent what we say. And I keep asking you to stop it.

We support very narrow open internet rules because of a failed market that is not competitive. You yourself have admitted that you're for anti-trust regulations. So we agree that when markets fail it helps to have some check.

So why must you constantly lie and falsely claim that we're for regulation in general.

Doesn't this mean that the Swedish government is in contravention of GDPR? This is massive troves of data containing PII that does not offer proper controls, disclosure, a controller, or a means for an individual to review and rectify data potentially associated with them.